Feature #12118
closed
Create a log entry when a configuration change occurs
Added by Tyler Montney over 3 years ago.
Updated about 3 years ago.
Plus Target Version:
22.01
Description
When rules are modified, the only thing syslog sends is filterdns96878: merge_config: configuration reload. Instead, syslog should...
- At minimum, send config related to X has changed (e.g. system12345: fwrules: rule changed).
- Ideally, give a brief description of what changed (e.g. system12345: fwrules: rule {ID} added/modified/deleted).
- Assignee set to Jim Pingle
- Plus Target Version set to 21.09
- Status changed from New to Feedback
- % Done changed from 0 to 100
As implemented it will log the same description which is added to the configuration already (which shows in the configuration history).
Any additional detail would have to come from separate feature requests to add more detail/specific information to the revision description when making other changes, and would not be related to this logging feature.
- Status changed from Feedback to Resolved
Tested in
21.09-DEVELOPMENT (arm64)
built on Sat Jul 24 01:10:30 EDT 2021
FreeBSD 12.2-STABLE
And
2.6.0-DEVELOPMENT (amd64)
built on Sat Jul 24 01:08:17 EDT 2021
FreeBSD 12.2-STABLE
I now see the following in the System Logs when making changes to firewall rules:
/firewall_rules_edit.php: Configuration Change: admin@172.21.58.101 (Local Database): Firewall: Rules - saved/edited a firewall rule.
Marking the ticket resolved.
- Subject changed from Send syslog on rule modification to Create a log entry when a configuration change occurs
Updating subject for release notes.
- Plus Target Version changed from 21.09 to 22.01
Also available in: Atom
PDF
Updated by 
Updated by